text-to-speech

Fail

Audited by Socket on Mar 19, 2026

1 alert found:

Malware: HIGH
SKILL.md

SUSPICIOUS. The core TTS capability is broadly consistent with the stated purpose, and the installer appears to be the publisher's documented same-org path with checksum verification, keeping malware likelihood low. The main concerns are the pipe-to-shell install, handing account auth to an external CLI, broad `infsh *` bash capability, and especially the explicit installation of additional skills via `npx skills add`, which extends trust transitively beyond this skill.

Confidence: 87%
Severity: 56%

Audit Metadata

Analyzed At: Mar 19, 2026, 01:43 PM
Package URL: pkg:socket/skills-sh/inference-sh-8%2Fskills%2Ftext-to-speech%2F@45d7a73fbdfd55f3a24ca1f09e0e23082c24720b